Ask a Question

How do I enable SSL communication between Struxureware Data Center Expert and multiple Netbotz devices?

Background:

SSL (HTTPs) is a more secure form of communication than the standard HTTP. More and more users employ the use of SSL (HTTPs) to reduce the likelihood of data loss and potential cyber attacks..

Product Line:

NetBotz, StruxureWare Data Center Expert

Environment:

NetBotz integration with StruxureWare Data Center Expert.

Struxureware Data Center Expert and Netbotz Communication:

Struxureware Data Center Expert (SWDCE) can monitor numerous Netbotz devices through the use of HTTP or HTTPs, either by a periodic polling of each device or a POST received from any one Netbotz device. Information retrieved from each Netbotz unit may include alarm data, configuration data, or surveillance data. During the initial discovery process, the user can configure SWDCE to discover and monitor each Netbotz device through the use of HTTP or HTTPs. Once discovered, the IP address or Hostname of the SWDCE will be configured on each discovered Netbotz device. You can confirm these settings by accessing the Netbotz, through Advanced View, clicking on the Configuration Pane then the Infrastruxure Central icon located under Appliance Settings. The Netbotz device will now POST information to the SWDCE in the event of an alarm or other data.

When discovered through HTTP, the IP address or Hostname will appear similar to the following: 192.168.1.1.
When discovered through HTTPs, the IP address or Hostname will appears similar to the following: 192.168.1.1:443.

Changing a device discovered via HTTP to HTTPs:

If a user has discovered numerous Netbotz devices via HTTP but is required to switch communication to HTTPs, the following steps should be followed. Make sure that HTTP and HTTPs are both enabled on the Netbotz. Through the SWDCE client, click on Device/Netbotz Appliance Configuration/Web Server Settings. All Netbotz devices, monitored by the SWDCE, should appear in the list. The HTTP and HTTPs settings should also be listed. Check all Netbotz devices that are being switched to HTTPs and click Next. On the next screen confirm that HTTP and HTTPs are checked, click Next. The last screen will show status information on all devices. Confirm that all devices are listed as Complete, then click Finish. Re-discover all Netbotz devices using HTTPs.

If the SWDCE server has the original discovery saved to discover all Netbotz devices, edit the discovery. To edit the discovery, click on the Saved Discoveries tab via the SWDCE client. Highlight the discovery, then click on the Edit Discovery Settings icon, located in the right hand corner (the icon contains a pencil and pad of paper). Select the correct Security Mode option from the drop down menu (for SSL you will use either Try SSL, fall back to none; Require SSL, no certificate validation; Require SSL, validate certificates.) The Port Range field should automatically populate with the default number 443. Click Next. Confirm that the Netbotz will be in the correct Device Group. Click Next. Check Run Discovery Now and click Finish. The SWDCE should now discovery the Netbotz devices using HTTPs.

If the discovery was not saved, a new discovery will be need to be created. Through the SWDCE client interface, click on Device/Add Device. You should now follow the same steps as outlined previously in editing the discovery. If all Netbotz devices are in the same IP range you can create one discovery for the range of Netbotz devices rather than creating a discovery for each and every Netbotz device.

Once the discovery process is complete, the settings will need to be configured on each Netbotz device. Through the SWDCE client, click on Device/Netbotz Appliance Configuration/Post Alert Data Settings. Choose the IP address or Hostname to use under the "Select the address to use for sending alert data" menu. Click OK.

Log into the Netbotz devices and confirm that the Infrastruxure Central icon is now populated with the IP address or Hostname of the SWDCE server with port 443. ex. 192.168.1.1: 443

Assuming the settings have been configured you can now disable HTTP. Through the SWDCE client, click on Device/Netbotz Appliance Configuration/Web Server Settings. All Netbotz devices, monitored by the SWDCE, should appear in the list. The HTTP and HTTPs settings should also be listed. Check all Netbotz devices that are being switched to HTTPs and click Next. On the next screen uncheck HTTP but leave HTTPs checked, click Next. The last screen will show status information on all devices. Confirm that all devices are listed as Complete, then click Finish.

Troubleshooting:

If the HTTPs settings are not applied, please retrieve the server log (nbc.xml) from the SWDCE server and contact Netbotz technical support. Please also document the model number of each Netbotz unit and their firmware revision along with the SWDCE server and firmware information. The Netbotz model number and firmware information can be downloaded in a PDF report for easier troubleshooting.